Computer software is a unique consumer product in that the same product can be replicated many times after being sold. Once a software product is sold, typically as software code on a computer-readable disk, the purchaser can easily copy the code to other computer-readable media thereby replicating the same product many times over.
This characteristic of software can be a tremendous benefit in terms of lowering manufacturing costs and facilitating distribution. For instance, easy replication allows a software manufacturer to distribute one physical copy of the software product and sell a multi-seat license that legally empowers the purchaser to install the software product on many different computers.
Unfortunately, this benefit comes at a cost of open abuse. One well-known abuse is piracy. An unscrupulous party can obtain a copy of the object code (legally or illegally) and then illicitly replicate and resell pirated copies of the product. Software companies attempt to monitor piracy activities, but detection is often difficult. Moreover, even when improper activity is detected, enforcement and legal recourse is often unavailable from a practical standpoint, particularly since much of the abuse occurs in foreign lands.
A less subtle abuse is the improper use of the software product beyond the scope of the license. One common scenario involves a shrink-wrap software product available at local retail stores. The product is typically accompanied by a shrink-wrap license to install and use the product on one computer, and perhaps additionally on a laptop. Unfortunately, the purchaser may intentionally or unintentionally install the product on more than the allowed computers, thereby violating the license. For the software manufacturer, this form of abuse is very difficult to monitor and even more difficult to prosecute.
The computer software industry estimates that billions of dollars are lost each year due to piracy and other illicit uses. While licenses provide a legal avenue for recourse against such practices, the practicality of detecting and enforcing often prove too onerous for the manufacturer. Accordingly, software companies have a real incentive to reduce the amount of abuses through other means.
One conventional technique for preventing unlimited copying of a software product is to design the code with a self-regulating mechanism that prevents repeated installations. This mechanism counts the number of installations and disables the software code after the product has been installed a certain number of times. The underlying premise is that multiple installations tend to indicate that the user is attempting to install the product on multiple different computers, rather than just one computer allowed by the license.
FIG. 1 illustrates this concept. A manufacturer creates a software product and places the code on a disk 20, such as a CD-ROM or floppy diskette. The disk 20 is packaged to form a shrink-wrap retail product 22. The manufacturer generates and assigns a serialized key that uniquely identifies that product. For instance, the key might consist of a manufacturer ID, a serialized incrementing number, a registered product code, and a checksum value. The key is printed on a label 24 and affixed somewhere on the product, such as the CD-ROM case.
During installation, the purchaser of the software product is prompted to enter the key. This step alone is designed to prevent another party from obtaining the disk 20 only, without knowledge of the key, and installing the product illegally. Without the key, the holder of the physical disk is prevented from installing the product.
The product tracks the number of installations. Once the purchaser enters the same key more times than a defined limit, the product is disabled. The purchaser is then forced to call the manufacturer for assistance.
While such mechanisms help reduce illicit copying, they often cause other problems in the form of consumer inconvenience. For instance, the premise that more installations than a requisite number means illegal use may be wrong in some cases. A user who has upgraded his/her computer, for example, should be able to legitimately reinstall the software product on the upgraded machine. However, if the requisite number of installations has already been reached, the product will not install, forcing the user (who is now disgruntled) to call the manufacturer for assistance.
Accordingly, there remains a need for improved technology solutions to piracy and illicit use, but which also recognizes and accommodates the needs and practices of a legitimate purchaser.